NFT collection Azuki’s official Twitter account was compromised on Friday afternoon, according to an update released by the Azuki team.
The team has assured users that it is in contact with Twitter officials as it attempts to regain control of the account.
Official Twitter Account Compromised
Azuki’s official Twitter account was compromised on Friday, allowing the hackers to post a malicious link, leading users to fall for a wallet-draining scam. The link encouraged users to “claim land” in the collection’s native metaverse, The Garden. As a result of the hack, over $750,000 worth of USDC was compromised, along with 11 NFTs and 3.9 ETH, thanks to the malicious land mining links posted by the attacker.
The link to mint land sent unsuspecting users to a drainer contract, tricking them into signing a transaction and enabling the hackers to swipe the assets from the compromised wallets. One user who fell for the hack inadvertently ended up sending over $750,000 worth of USDC to the attacker’s wallet, according to data from EtherScan. Users on Twitter were quick to warn each other about the hack,
“Scam Alert! The Azuki Twitter is hacked and has shared a fake land minting site that is a wallet drainer.”
Azuki In Touch With Twitter
NFT traders and Azuki users quickly realized that the tweets from the Azuki account referring to the “surprise mint” were malicious and that the account had been compromised. With the Azuki team reaching out to Twitter, the official Twitter account seemed to have been removed from Twitter search results, along with the deletion of the malicious tweets. Furthermore, the Azuki community manager confirmed that the official account had been compromised to users on Twitter.
“AZUKI OFFICIAL TWITTER ACCOUNT IS HACKED. DO NOT CLICK LINKS FROM OUR ACCOUNT. PLEASE RETWEET.”
The project’s co-founder, Hoshiboy, confirmed that Azuki is in contact with the relevant authorities on Twitter and is actively trying to regain control of the account.
Others on Twitter, such as MetaMask security researcher Harry Denley, were quick to notice the scam and immediately warned users. Denley also revealed that MetaMask had blocked the compromised domain.
“Azuki Twitter account takeover – the offending tweet was tweeted on the Twitter web app on a mobile device MetaMask will soon block the domain when the cache clears.”
The Phantom wallet team also alerted their users and marked the malicious domains as unsafe in an attempt to warn users trying to connect their Phantom wallets to the sites in question.
“Azuki’s Twitter has been compromised. Do not visit any links posted from their account. We’ve already blocked several sites to keep our users protected. Stay safe out there!”
Not The First Attack On Azuki
Azuki, the highly popular anime-inspired profile picture (PFP) collection, only recently introduced its native metaverse, “The Garden,” as a platform where NFT holders could interact with one another. In April 2022, scammers had targeted the platform with several compromised verified Twitter accounts that promoted an airdrop scam, trying to scam unsuspecting users. Just earlier this week, Robinhood’s Twitter account was similarly targeted by hackers in an effort to promote another scam. However, they did not see much success, making off with only around $8000.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Source: https://cryptodaily.co.uk/2023/01/azuki-s-official-twitter-account-hacked-over-750000-drained